OffSec Security Fundamentals

None.

Learn Fundamentals is recommended for both organisations that want to identify, train and prepare talent, as well as individual learners that want to prepare for an entry-level security job role or for higher level content.

The OffSec Security Fundamentals course will equip you with confidence to begin training towards a cyber security specialisation and with the necessary broad prerequisite knowledge to prepare you for the workplace, to be job ready for entry-level security roles.

PEN-100 Benefits

• Identify and educate promising security talent within your organisation
• Train new staff and IT roles in basic IT and information security skills
• Provide learners with materials that help them prepare to enrol in PEN-200
• Get learners started on the preparation for entry-level security roles
• Use assessments and badges to test learners’ progress and the level of preparedness for the PEN-200 course

WEB-200 Benefits

• Upskill technical professionals to security roles
• Keep track of learners’ progress with interactive exercises
• Challenge IT, staff, and developers, to perform with security in mind
• Follow learner journeys via reporting, assessments, and badges
• Elevate your team’s skill set and reduce risk by preparing them for advanced training and certifications

CLD-100 Benefits

• Upskill technical teams to roles for securing cloud architecture
• Prepare staff to understand higher-level cybersecurity content
• Ensure your cloud infrastructure is compliant with industry and law regulation
• Keep track of learning progress through interactive, hands-on exercises

SOC-200 Benefits

• Identify promising defensive security talent within your organisation
• Equip new employees and technical team with introductory cyber defense training
• Track learners’ journey with practical Learning Module Exercises
• Prepare learners to enrol in SOC-200
• Use assessments and badges to test learners’ knowledge, and preparation for advanced-level training

EXP-100 Benefits

• Introduce and upskill technical teams to security and exploit development roles
• Keep track of learners’ progress with hands-on exercises
• Prepare staff for more advanced OffSec courses and certifications to reduce risk

PEN-100 Network Penetration Testing Essentials (OffSec Digital Badge)

Network Penetration Testing Essentials module is designed to prepare learners to begin their penetration testing journey. This learning path covers the main concepts of information security such as cryptography, scripting, networking protocols, and working with shells. Interns, system administrators, developers, and other information technology professionals will get exposed to cybersecurity-adjacent content, tools, and technology needed to begin learning penetration testing skills.

• Linux & Windows Basics
• Networking Fundamentals
• Cryptography
• Web Applications
• Working w/ Shells
• Bash, Python, PowerShell Scripting
• Troubleshooting

WEB-100 Web Application Assessment Essentials (OffSec Digital Badge)

The Web Application Assessment Essentials module is designed to help learners grasp the basics needed to start learning web application security. Web application assessment essentials covers tech-adjacent concepts that are pillars for any cybersecurity focus area and are valuable for upskilling technical professionals to security roles. The module also covers web app security-specific content such as secure coding principles, web attacker methodology, and input validation. Hands-on exercises allow learners to practice and solidify their skills.

• Web Attacker Methodology
• Web Applications & Services
• Introduction to Web Secure Coding
• JavaScript Basics
• Input Validation
• Web Session Management

CLD-100 Introduction to Cloud Security (OffSec Digital Badge)

The introduction to cloud security module is designed for individuals and organisations to start working towards a specialisation in cloud security. This module is vendor-agnostic and provides real-world content on the underlying security concepts of cloud computing that can be applied to any cloud vendor: Amazon Web Services, Google Cloud, or Microsoft Azure.

• Introduction to Cloud Security
• Containers for Cloud
• Introduction to Kubernetes I
• Discovering Exposed Docker Sockets
• Discovering Exposed Kubernetes Dashboards

SOC-100 Security Operations Essentials (OffSec Digital Badge)

The security operations essentials module introduces learners to the cybersecurity defence and security operations essentials. With more than 10 extensive topics as well as hands-on exercises to apply learners’ knowledge, security operations essentials will help you get familiar with the fundamental processes and methodologies needed to start learning security operations and defence.

• Windows & Linux Networking & Services Enterprise Network Architecture
• SOC Management Processes
• Windows Networking and Services
• Introduction to Active Directory
• Troubleshooting

EXP-100 Exploit Development Essentials (OffSec Digital Badge)

The exploit development essentials is an introductory-level module. It provides learners with the knowledge and skills necessary to learn exploit development. Learners will acquire knowledge of information security and skills needed for learning exploit development with topics such as Introduction to Intel Assembly, Introduction to ARM, and Introduction to WinDbg.

• Intro to Intel Assembly
• Intro to Intel Assembly II
• Intro to ARM
• Intro to ARM II
• Intro to WinDbg
• Intro to Analysis with IDA Pro

Bonus Digital Content for post course continual professional development (CPD)

PEN-103 Kali Linux Revealed (+ 1 KLCP exam attempt)

• About Kali Linux
• Getting Started with Kali Linux
• Linux Fundamentals
• Installing Kali Linux
• Configuring Kali Linux
• Helping Yourself and Getting Help
• Securing and Monitoring Kali Linux
• Debian Package Management
• Advanced Usage
• Kali Linux in the Enterprise
• Introduction to Security Assessments

PEN-210 Wireless Security (+ 1 OSWP exam attempt)

• IEEE 802.11
• Wireless Networks
• Wi-Fi Encryption
• Linux Wireless Tools, Drivers, and Stacks
• Wireshark Essentials
• Frames and Network Interaction
• Aircrack-ng Essentials
• Cracking Authentication Hashes
• Attacking WPS Networks
• Rogue Access Points
• Attacking WPA Enterprise
• Attacking Captive Portals
• bettercap Essentials
• Kismet Essentials
• Determining Chipsets and Drivers
• Manual Network Connections

SSD-100 Introduction to Secure Software Development

• Introduction to Secure Software Development

• Introduction to SQL Injection
• Introduction to Web Application Debugging
• Secure Development Lifecycle